Department of Homeland Security
Office of Inspector General

U.S. Citizenship and Immigration Services Privacy Stewardship

OIG-11-85    May 2011

Office of Inspector General
U.S. Department of Homeland Security
Washington, DC 20528

May 24, 2011

Preface

The Department of Homeland Security (DHS) Office of Inspector General (OIG) was established by the Homeland Security Act of 2002 (Public Law 107-296) by amendment to the Inspector General Act of 1978. This is one of a series of audit, inspection, and special reports prepared as part of our oversight responsibilities to promote economy, efficiency, and effectiveness within the department.

This report addresses the U.S. Citizenship and Immigration Services' plans and activities to instill a privacy culture that protects sensitive personally identifiable information and ensure compliance with federal privacy laws and regulations. It is based on interviews with employees and officials of relevant agencies and institutions, direct observations, and a review of applicable documents.

The recommendations herein have been developed to the best knowledge available to our office, and have been discussed in draft with those responsible for implementation. We trust this report will result in more effective, efficient, and economical operations.
We express our appreciation to all of those who contributed to the preparation of this report.

Assistant Inspector General
Information Technology Audits

Table of Contents/Abbreviations

Executive Summary
Background
Results of Audit
    USCIS Has Made Progress With Privacy Stewardship
    Privacy Risks to A-Files Need Mitigation
    Recommendations
    Management Comments and OIG Analysis
    Technical Risks to PII Need to Be Addressed
    Recommendation
    Management Comments and OIG Analysis
    Physical Security Standards Need Consistent Enforcement to Protect PII
    Recommendation
    Management Comments and OIG Analysis
    Privacy Training and Awareness Need Improvement to Increase Effectiveness
    Recommendations
    Management Comments and OIG Analysis

Figures
    Figure 1: Purposes for Personally Identifiable Information in a Typical Day at USCIS
    Figure 2: Pillars of Privacy Stewardship
    Figure 3: Stages of Processing Alien Registration Files Containing Personally Identifiable Information
    Figure 4: Examples of Alien Registration Files
    Figure 5: Service Center Telework Participation/Monthly Missing Alien Registration Files Rates in 2009
    Figure 6: Examples of Controls for Physical Access
    Figure 7: Records Are People, People’s Lives

Appendices
    Appendix A: Purpose, Scope, and Methodology
    Appendix B: Management Comments to the Draft Report
    Appendix C: Legislation, Memoranda, Directives, and Guidance Pertinent to the USCIS Privacy Stewardship Audit
    Appendix D: Component Level Privacy Office Designation and Duties
    Appendix E: USCIS Systems: Privacy Impact Assessments and System of Records Notices
    Appendix F: OIG Privacy Culture Survey
    Appendix G: Major Contributors to this Report
    Appendix H: Report Distribution

Abbreviations
    A-File    Alien Registration File
    DHS       Department of Homeland Security
    FISMA     Federal Information Security Management Act of 2002
    MD        Management Directive
    OIG       Office of Inspector General
    OMB       Office of Management and Budget
    OSI       Office of Security and Integrity
    PII       Personally Identifiable Information
    PIA       Privacy Impact Assessment
    SORN      System of Records Notice
    USCIS     U.S. Citizenship and Immigration Services

Executive Summary

We performed an audit of U.S. Citizenship and Immigration Services’ privacy stewardship. Our audit objectives were to determine whether the plans and activities of U.S. Citizenship and Immigration Services instill a culture of privacy and whether they comply with federal privacy laws and regulations.

U.S. Citizenship and Immigration Services demonstrated an organizational commitment to privacy stewardship by appointing a privacy officer and establishing its Office of Privacy.
The Office of Privacy monitors compliance with federal privacy laws and regulations and provides guidance to managers and employees on meeting requirements for notice, incident reporting, and privacy impact assessments. In addition, the Office of Privacy conducts initial and annual privacy training and addresses inquiries and complaints by individuals.

While U.S. Citizenship and Immigration Services has made progress in implementing a privacy program that complies with privacy laws, opportunities still exist to improve its privacy culture. Specifically, management can improve the protection of Alien Registration Files by conducting a privacy risk analysis on telework and adjudication activities at service centers and field offices. Also, technical vulnerabilities regarding removable data devices, email, and system auditing and monitoring need to be addressed. Further, physical security standards need to be implemented consistently in all U.S. Citizenship and Immigration Services facilities. Management must ensure that employees and contractors are receiving mandatory privacy training, along with appropriate job-specific, advanced, or specialized application of privacy training and awareness. We are making six recommendations to the Deputy Director of U.S. Citizenship and Immigration Services to strengthen its culture of privacy.

Background

U.S. Citizenship and Immigration Services (USCIS) is responsible for granting immigration and citizenship benefits, promoting an understanding of citizenship, and ensuring the integrity of our immigration system. Interacting with the public in more than 250 offices around the world, almost 18,000 USCIS employees collect, use, and disseminate personally identifiable information (PII). PII refers to any information that permits the identity of an individual to be directly or indirectly inferred, including any information that is or can be linked to that individual, whether the individual is a U.S. citizen, legal permanent resident, or a visitor to the United States.

USCIS’ main customers are immigrant and nonimmigrant applicants or petitioners for benefits or services. Figure 1 lists purposes for which USCIS collects PII from the public in a typical day.

Figure 1. Purposes for Personally Identifiable Information in a Typical Day at USCIS

• Conduct 135,000 national security background checks
• Complete 30,000 applications for various immigration benefits
• Fingerprint and photograph 11,000 applicants
• Process 3,700 applications to sponsor relatives and fiancées
• Ensure employment eligibility of more than 80,000 new hires

Source: USCIS.

The Privacy Act of 1974, as amended, imposes requirements on agencies whenever they collect, use, or disseminate PII in a system of records. The Privacy Act grants access and amendment rights to U.S. citizens and legal permanent residents. [1]

As illustrated in Figure 2, our review of effective privacy stewardship includes assessing 1) organizational commitment to privacy, 2) privacy compliance management, 3) policies for proper handling of PII, 4) privacy risk mitigation in operations, and 5) privacy training and awareness.

[1] DHS Privacy Office, Policy Guidance Memorandum Number 2007-01: DHS Privacy Policy Regarding Collection, Use, Retention, and Dissemination of Information on Non-U.S. Persons, extends privacy protection to non-U.S. persons to have the right of access to their PII and the right to amend their records, absent an exemption under the Privacy Act.
However, this policy does not extend or create a right of judicial review for non-U.S. persons.

Figure 2. Pillars of Privacy Stewardship

Source: Office of Inspector General (OIG) analysis.

A component’s culture of privacy results from how well its executive leadership, managers, and employees understand, implement, and enforce its privacy commitment. Privacy stewardship, or the promotion of an effective culture of privacy, leads to embedded shared attitudes, values, goals, and practices for complying with the requirements for proper handling of PII. A component privacy officer can help enhance the privacy culture by identifying privacy issues and working within the component to address them.

Results of Audit

USCIS Has Made Progress With Privacy Stewardship

USCIS has made progress in promoting a culture of privacy across the agency. Specifically, it established an Office of Privacy in November 2007 and designated a privacy officer who is responsible for performing certain duties, as required by the DHS Memorandum Designation of Component Privacy Officers, dated June 5, 2009. See Appendix D for a description of each specific duty.

USCIS Office of Privacy

The Privacy Officer reports to the USCIS Director’s Chief of Staff and works collaboratively with the DHS Privacy Office by serving as its point of contact and participating in its working groups.
The Office of Privacy consists of four staff members who perform the following duties to improve the culture of privacy in USCIS:

• Advises USCIS leadership, management, and staff on matters with privacy impact.
• Develops and issues DHS/USCIS privacy policy guidance.
• Provides advice and technical assistance in the development of privacy compliance documentation.
• Manages PII incident response.
• Develops and administers privacy awareness training.

Initial and Annual Privacy Training

To comply with Office of Management and Budget (OMB) M-07-16, Safeguarding Against and Responding to the Breach of Personally Identifiable Information, USCIS provides initial privacy training for new employees and annual refresher privacy training for current employees. Throughout 2009 and 2010, the Office of Privacy conducted 23 privacy training sessions at field locations throughout the country. Also, the Office of Privacy collaborated with the Office of Human Capital and Training to monitor privacy training completion by the workforce. For example, in FY 2009, USCIS reported that more than 95% of its employees completed annual refresher privacy training.

Privacy Impact Assessments

The E-Government Act of 2002 requires agencies to conduct Privacy Impact Assessments (PIAs) for information systems that collect, maintain, or disseminate PII. A PIA helps the public understand what PII is being collected, why it is being collected, and how it will be used, shared, accessed, and stored. As part of preparing a PIA, the Office of Privacy helps managers to analyze their use of proposed PII collections, as well as privacy risks and their mitigation throughout the life cycle of a program or system.

USCIS has 34 PIAs that are approved by the DHS Privacy Office and are available on its public website. See Appendix E for a list and description of these PIAs.

Systems of Records Notices

The Privacy Act requires federal agencies to issue Systems of Records Notices (SORNs) for every system of records under their control that collects PII and from which information is retrieved by an identifier. A system of records is a group of any records about an individual under agency control from which information is retrieved by that individual’s name, identifying number, symbol, or other identifying particular assigned to the individual.
The Office of Privacy assists managers in determining whether they have a system of records.

The SORNs are published in the Federal Register to explain to the public the purpose for which PII is collected for a particular system of records, from whom the information is collected, and what type of PII is collected, how that information is shared externally, and how the public can exercise rights granted through the Privacy Act regarding the PII in a system of records. USCIS has 12 SORNs and three exemptions that are approved by the DHS Privacy Office and available on its public website. [2]

[2] The Privacy Act allows government agencies to exempt certain records from the access and amendment provisions. If an agency claims an exemption, it must issue a Notice of Proposed Rulemaking to explain why a particular exemption is claimed.

Reporting Privacy Status and Incident Handling

The Federal Information Security Management Act of 2002 (FISMA) directs agencies to identify privacy risks intrinsic to their systems, develop ways to mitigate those risks, and report results of ongoing system assessments to OMB. The Office of Privacy updates the status of privacy information required by FISMA.

The DHS Privacy Office Privacy Incident Handling Guidance establishes responsibilities for the Office of Privacy to perform. The Office of Privacy reviews suspected privacy incidents, determines whether the incidents relate to privacy, and if so, provides an analysis of ways to minimize the loss of privacy data. The office evaluates the reasonable risk of harm associated with the incident to the affected individuals, and issues notices to the affected individuals, if appropriate.

Processes for Privacy Notice and Complaints for Individuals

The Privacy Act requires agencies to provide notice to individuals prior to the collection of their PII, absent an exemption under the Privacy Act. The Office of Privacy assists managers with the drafting of notices on forms or websites.

Section 803 of the Implementing Recommendations of the 9/11 Commission Act of 2007 defines complaints as written allegations of harm or violation of privacy compliance requirements that may include requests for access, correction, and redress from individuals. Complaints may be filed with the DHS Privacy Office or USCIS. USCIS has processes to receive privacy complaints or requests for access, correction, and redress from individuals. Individuals may file complaints through the Ombudsman Office or specific program offices, such as the Verification Division. The Office of Privacy reviews all pertinent privacy issues.

Section 803 of the Implementing Recommendations of the 9/11 Commission Act of 2007 also establishes additional privacy reporting requirements for complaints regarding DHS. In July 2010, the Office of Privacy implemented a system to track and resolve privacy complaints and requests for access, correction, and redress. The DHS Privacy Office public website contains information on USCIS and other component privacy complaints.

Privacy Risks to A-Files Need Mitigation

USCIS has not identified ways to mitigate privacy risks when transporting PII, primarily contained in Alien Registration Files (A-Files). First, USCIS does not have PIAs that identify vulnerabilities and establish ways to protect A-Files when they are physically moved from one operation to another or transported among USCIS facilities. Second, USCIS has not provided rules of conduct, as required by the Privacy Act, for handling PII during telework.

Protecting A-Files at Facilities

USCIS has not performed PIAs to identify privacy threats and ways to mitigate them at service centers and field offices, particularly when A-Files are physically moved from one operation to another or transported among USCIS facilities.
The PIA process includes reviewing applicable privacy policies, identifying specific privacy vulnerabilities, and determining ways to mitigate risks at service centers and field offices.

Existing PIAs on USCIS information technology systems that contain PII do not adequately address risks when employees handle A-Files to process immigration benefits and services. According to DHS Privacy Office Policy Guidance Memorandum 2008-02, PIAs should be conducted for programs, activities, technologies, and rulemakings, regardless of their type or classification, to ensure that privacy considerations and protections are incorporated into all activities of the Department. PIAs on activities that raise privacy concerns related to the use of PII will ensure greater transparency and help build trust in DHS operations.

A PIA on A-File processing will provide the public with a comprehensive view of the integration of privacy in operations and how privacy concerns have been addressed through USCIS implementation of privacy controls. USCIS Management Directive (MD) 140-001, Handling Sensitive and Non-Sensitive Personally Identifiable Information, requires its employees to maintain control over files containing PII.
However, during a 2-year period (2008 and 2009), USCIS reported that more than a third (37%) of privacy incidents involved employees’ lack of control over A-Files as they pass to subsequent operations or during transportation to other locations. [3] In 2009, management reported a monthly average of 257,000 missing A-Files in all facilities.

[3] The remaining incidents involved information technology issues, such as improper handling of emails containing PII, the loss of removable data devices containing PII, or mailing files to the wrong recipient or facility (109 of 173 incidents, 63%).

Improved privacy controls at USCIS facilities will help mitigate the privacy risks that exist as employees handle A-Files to adjudicate benefits and provide services. For example, the four service centers in California, Nebraska, Texas, and Vermont consist of 10 different facilities. Each service center consists of one to four buildings that are located up to 30 miles away from each other. Therefore, within a single service center, employees may move A-Files to different locations as often as 10 times to receive inbound A-Files, temporarily store A-Files, conduct background checks, adjudicate benefits, prepare outbound A-Files, and load A-Files on and off of docks. Figure 3 shows how large volumes of files are handled daily to complete the processing of a particular service or benefit.

Figure 3. Stages of Processing Alien Registration Files Containing Personally Identifiable Information

Source: OIG.

Senior leadership and operations managers have the overall responsibility to ensure that USCIS protects privacy and are accountable for PII contained in A-Files at their service centers and field offices. Until managers assess the processes, flow, and handling of A-Files during specific high-risk operations at facilities, USCIS will continue to expose PII to unmitigated privacy risks.

Telework Needs Specific Privacy Rules of Conduct

USCIS faces challenges in protecting PII that is processed by teleworking employees. Specifically, USCIS has not provided specific instructions, including privacy rules of conduct that are related to handling PII during telework. Presently, the USCIS Telework Instruction Handbook (USCIS IHB 123-001) requires teleworkers to ensure that their activities and business processes at the telecommuting site replicate office practices and safeguards that comply with DHS guidance. Presently, USCIS guidance does not provide specific rules of conduct related to the unique risks to handling PII during telework.

The USCIS program has unique challenges because adjudicators who telework must transport extensive amounts of paper A-Files with them to telework sites. The adjudication of benefits requires the review of multiple folders related to the same applicant that can be several feet thick. The contents of an A-File may range from a single page to hundreds of pages that document the history of interaction between USCIS and the applicant.
A-Files may include PII, such as submitted benefits and naturalization forms, dates of birth, photographs, fingerprints, and correspondence from family members or third-party sponsors.

On average, an adjudicator at a service center who teleworks four days per week will transport about 2,000 A-Files a year between the office and the telework site. Because the service centers have more than 2,000 adjudicators who are eligible for telework, it is possible that 4 million A-Files will be transported by personal vehicle each year. Figure 4 illustrates the size of A-Files that teleworkers can typically transport.

Figure 4. Examples of Alien Registration Files

Source: OIG.

Missing files are identified in a monthly report that also shows the number of missing files per facility. In 2009, the four service centers averaged more than 27,000 missing A-Files each month by on-site employees and teleworkers. Figure 5 lists the number and percentage of missing A-Files at each of the four service centers and the respective telework participation rates. The two service centers with the highest telework participation rates (24% Texas, 23% Vermont) have 71% (39% Vermont, 32% Texas) of the total missing A-Files.

Figure 5. Service Center Telework Participation/Monthly Missing Alien Registration Files Rates in 2009

MISSING A-FILES BY SERVICE CENTERS

Service Center    Avg #/% of Missing Files    Telework Participation Rate
California        3,328 (12%)                 7%
Nebraska          4,608 (17%)                 17%
Vermont           10,474 (39%)                23%
Texas             8,713 (32%)                 24%
Total             27,123 (100%)

Source: OIG analysis of monthly USCIS missing files reports in 2009/Telework participation rates.

Greater telework participation increases the risks to PII because teleworkers are transporting more A-Files to additional locations than if the A-Files were processed at the office. However, the Telework Instruction Handbook does not provide specific privacy rules of conduct related to telework that could prevent the loss or unauthorized exposure of the content of A-Files. For example, the handbook does not include a procedure on how to secure or recover A-Files prior to and after a car accident while telecommuting. As a result, there have been incidents when documents containing PII were exposed. For example, a teleworker was incapacitated following an automobile accident and unable to protect the PII being transported in the car. In another incident, containers that held A-Files were so damaged by the force of the collision that the files scattered out of the car and across the highway.

If USCIS develops guidance on specific ways to apply privacy rules of conduct for adjudicators who telework that are consistent with DHS Privacy Office Handbook for Safeguarding Sensitive Personally Identifiable Information, then risks to PII during telework may be mitigated.
Without privacy rules of conduct for\n     teleworkers, employees have insufficient guidance to replicate\n     office practices and safeguards while telecommuting.\n\nRecommendations\n     We recommend that the Deputy Director of USCIS:\n\n     Recommendation #1: Identify vulnerabilities and ways to\n     mitigate privacy risks to A-Files by conducting privacy impact\n     assessments for high-risk operations at service centers and other\n     field facilities.\n\n     Recommendation #2: Issue privacy rules of conduct for\n     teleworkers, consistent with DHS Privacy Office Handbook for\n     Safeguarding Sensitive Personally Identifiable Information.\n\nManagement Comments and OIG Analysis\n     We obtained written comments on a draft of this report from the\n     Deputy Director of USCIS. A copy of the comments is in\n     Appendix B.\n\n     USCIS concurred with our findings and recommendations.\n     Concerning recommendation #1, USCIS is convening an internal\n     working group, led by the Privacy Officer, with appropriate\n     cross-representation of agency operations to prepare a plan of action to\n     mitigate identified weaknesses within 90 days of the findings.\n     Specifically, the working group will focus on privacy stewardship,\n     review all aspects of A-File processing, ensure that file\n     management achieves full privacy compliance, identify and\n     implement business process improvements, and create and oversee\n     implementation of pertinent guidelines and training. 
In addition,\n     the Records Operations Handbook/Mail Room Operations will be\n     reviewed to ensure consistency with the DHS Privacy Office\n     Handbook for Safeguarding Sensitive Personally Identifiable\n     Information, and the Office of Security and Integrity/Internal\n     Review Division will update its internal review questionnaire to\n     evaluate compliance with privacy standards. We consider\n     recommendation #1 open, pending our review of documentation\n     that establishes the working group, describes privacy-related plans\n     of action and milestones, and amends USCIS handbooks and the\n     internal compliance questionnaire.\n\n     USCIS concurs with recommendation #2. USCIS indicated that,\n     within 60 days after agreement with the American Federation of\n     Government Employees, it will insert appropriate privacy\n     language, consistent with DHS Handbook for Safeguarding\n     Sensitive Personally Identifiable Information and DHS 4300A, into\n     its Telework Management Directive and Telework Handbook to\n     ensure that staff are aware of their responsibilities. We consider\n     recommendation #2 open, pending our review of documentation\n     regarding such amendments.\n\nTechnical Risks to PII Need to Be Addressed\n     USCIS has unresolved technical weaknesses that leave PII unprotected in\n     information systems. Specifically, USCIS does not adequately protect PII\n     that is stored on removable data devices. In addition, PII that is sent\n     via email needs better protection. 
Further, USCIS needs to use system\n     auditing and monitoring to ensure compliance with privacy protection\n     requirements.\n\n     Safeguarding Removable Data Devices\n\n     USCIS needs to ensure that PII is being protected appropriately\n     when saved on removable data devices. USCIS MD 140-001\n     prohibits the use of unauthorized removable data devices, such as\n     thumb drives and laptops. Information security managers at\n     headquarters said that USCIS has the ability to detect and\n     disable unauthorized removable data devices on its network.\n     However, information security managers told us that USCIS is not\n     using the detection application because it cannot differentiate\n     devices attached to the network. Instead, the application will\n     disable all attached devices on the network. Further, our testing at\n     several workstations that contained PII at different facilities\n     indicated that the safeguards were not functioning. We were able\n     to connect and use several unauthorized removable data devices.\n\n     In addition, USCIS needs to improve the use of encryption to\n     protect PII on removable data devices, as required by OMB\n     M-07-16.[4] For example, one of the systems we reviewed, the Customer\n     Profile Management System, does not encrypt applicant\n     information before it is transferred to removable data devices.\n     Further, USCIS reported privacy incidents, such as when an\n     employee lost an unencrypted government thumb drive containing\n     PII at a public airport. A civilian recovered and returned the\n     thumb drive to USCIS. Because the data on the thumb drive were\n     unencrypted, anyone could access the PII contained on the device.\n\n     Information security managers told us that USCIS is looking into\n     possible solutions to track all removable data devices and to\n     standardize encryption on these devices. Until these solutions are\n     implemented, PII being stored on removable data devices will\n     remain vulnerable to unauthorized disclosure.\n\n[4] Encryption is the process of using algorithmic schemes that encode plain text into nonreadable form or\ncyphertext, providing privacy and security of information.\n\n     PII in Emails\n\n     USCIS employees need to ensure that PII is protected adequately\n     when transmitting it via email. According to DHS Sensitive\n     Systems Policy Handbook 4300A, components must consider\n     encryption technologies to protect PII when transmitting it via\n     email. 
Generally, USCIS employees use various methods to\n     protect PII, such as using a password to protect an email\n     attachment or public key infrastructure, if available.[5] However,\n     privacy incidents have occurred because these methods have not\n     been used consistently. USCIS reported privacy incidents\n     involving employees who have sent unencrypted emails that\n     contain PII to recipients outside of DHS. During a 2-year period\n     (2008 and 2009), USCIS reported that 71 (41%) of 173 privacy\n     incidents involved unencrypted emails containing PII.[6]\n\n     System Auditing and Monitoring\n\n     USCIS does not employ auditing and monitoring of systems\n     containing PII to ensure compliance with applicable privacy\n     protection requirements. The DHS Privacy Office Privacy\n     Technology Implementation Guide recommends that components\n     audit the actual use of PII and monitor any system with PII.\n     USCIS information security managers told us that existing systems\n     have technical limitations that make auditing and system\n     monitoring infeasible. Instead, they plan to replace existing\n     systems and software with ones that will have auditing and system\n     monitoring capabilities. Meanwhile, important case management\n     systems (such as USCIS Benefits Processing of Applicants other\n     than Petitions for Naturalization, Refugee Status, and Asylum and\n     USCIS Computer Linked Application Information Management\n     System) do not use system auditing and monitoring. See\n     Appendix E for types of PII maintained within these systems.\n\nRecommendation\n     We recommend that the Deputy Director of USCIS:\n\n     Recommendation #3: Develop plans and milestones for\n     mitigating the technical weaknesses in PII systems regarding\n     removable data devices, encryption, and system auditing and\n     monitoring.\n\n[5] Public key infrastructure is the combination of software, encryption technologies, and services that\nenables enterprises to protect the security of their communications and business transactions on networks.\n[6] The remaining incidents involved employees not maintaining control of paper PII files during\ntransportation or employees mailing files to the wrong facility or recipient (80 incidents, 46%) or the loss\nof removable data devices containing PII (22 incidents, 13%).\n\nManagement Comments and OIG Analysis\n     USCIS concurs with recommendation #3. 
The USCIS Chief\n     Information Security Officer has issued written guidance on using\n     or transporting sensitive information in portable storage devices\n     and is working with USCIS Office of Contracting, USCIS Office\n     of Administration\'s Asset Management Branch, and DHS\n     Efficiency Review Board regarding statements, policies, and\n     tracking of authorized encrypted universal serial bus devices. In\n     the interim, USCIS is researching capabilities to disable use of\n     nonauthorized universal serial bus devices on the network and\n     working with the USCIS Office of Contracting to prevent\n     government purchases of nonauthorized thumb drives. The Chief\n     Information Security Officer will be overseeing full\n     implementation of public key infrastructure by September 2012.\n     In the interim, users are to follow instructions on the agency\'s\n     Intranet on using WinZip to password protect or encrypt emails\n     and attachments. In addition, USCIS plans to issue a policy on\n     audit and accountability, and implement efforts regarding network\n     monitoring, performance testing, and storing audit logs. We\n     consider recommendation #3 open, pending our review of\n     documentation of such efforts.\n\nPhysical Security Standards Need Consistent Enforcement to Protect PII\n     USCIS employees handle large volumes of PII and often face challenges\n     when safeguarding paper-based PII files and other sensitive information.\n     Physical security addresses perimeter, exterior, and interior measures for\n     securing and protecting PII. These measures should protect buildings and\n     related infrastructure against threats from various sources. 
However,\n     USCIS has not implemented physical security standards consistently at its\n     facilities to protect PII and other sensitive information.\n\n     The Privacy Act requires agencies to establish physical safeguards to\n     protect PII. The DHS Privacy Office Handbook for Safeguarding\n     Sensitive Personally Identifiable Information provides guidelines on how\n     to protect PII in different physical environments, contexts, and formats,\n     and what to do if PII may have been compromised. Further, according to\n     National Institute of Standards and Technology Special Publication\n     800-12, An Introduction to Computer Security, physical security involves\n     access controls that restrict entry and exit of personnel and barriers to\n     isolate areas. Access controls include card key readers, turnstiles,\n     closed-circuit television cameras, motion and intrusion detection, security\n     lighting, perimeter fencing, and contingency planning. Figure 6 shows\n     examples of controls for physical access.\n\n     Figure 6. Examples of Controls for Physical Access\n     Source: OIG.\n\n     In 2008, USCIS established a physical security division to address\n     physical safeguards for 249 facilities worldwide to ensure consistency in\n     the application of physical safeguards at each facility. In June 2010,\n     USCIS finalized and posted Facility Security Standards on its Intranet site\n     with minimum requirements to protect personnel, property, and assets at\n     all facilities. Our inspections of 22 facilities determined that physical\n     security standards are not consistent with the Facility Security Standards.\n     According to officials from the Office of Security and Integrity (OSI) at\n     USCIS headquarters, many facilities are trying to implement the new\n     physical security standards. OSI has issued a checklist that facilities can\n     use to self-certify compliance with the standards, but many facilities have\n     not filled existing staff vacancies for their security managers to implement\n     the standards. Although OSI staff are aware that similarly functioning\n     facilities have inconsistently implemented the standards, OSI has not\n     established how it will verify that standards were implemented properly in\n     each USCIS facility.\n\n     Further, our site inspections revealed inconsistencies with the\n     implementation of standards for access controls (e.g., card key readers,\n     closed-circuit television, security lighting, perimeter fencing, restricted\n     parking, contingency planning) used to identify, track, or record\n     authorized personnel, entry, or exit in areas where PII is being transported,\n     handled, or stored. For example:\n\n     - Recording length of closed-circuit television tapes. The\n       standard requires that closed-circuit television tape recordings be\n       maintained for a minimum of 30 days. However, at several\n       facilities that we inspected, physical security managers maintained\n       tape recordings from 19 days to 60 days.\n     - Existence of contingency plans. The standard requires facilities to\n       maintain contingency plans to ensure continuity of operations.\n       However, according to physical security managers, several facilities\n       either do not have contingency plans or have incomplete plans.\n\n     USCIS needs to enforce the consistent implementation of physical security\n     standards to protect PII files throughout its facilities. 
Inconsistencies in\n     the implementation of standards can result in the loss or disclosure of PII\n     and other sensitive information.\n\nRecommendation\n     We recommend that the Deputy Director of USCIS:\n\n     Recommendation #4: Enforce the consistent implementation of\n     physical security standards.\n\nManagement Comments and OIG Analysis\n     USCIS concurs with recommendation #4. USCIS OSI created a\n     multiyear strategy to update USCIS access control and\n     closed-circuit television systems nationwide. USCIS is assessing physical\n     security countermeasures and policies to adequately protect personnel,\n     property, and assets at headquarters offices. By the end\n     of FY 2011, USCIS plans to address security countermeasures at\n     field offices and service centers. In addition, to promote consistent\n     access control policy and procedures at USCIS-controlled space\n     and aid implementation across the enterprise, OSI plans to\n     disseminate its draft instructional handbook for review and\n     comment by the end of FY 2011. We consider recommendation #4\n     open, pending our review of documentation from such efforts.\n\nPrivacy Training and Awareness Need Improvement to Increase Effectiveness\n     The Privacy Act requires agencies to establish appropriate administrative\n     safeguards to protect PII. These safeguards include privacy training and\n     awareness activities. Although USCIS provides required annual refresher\n     privacy training, manager and employee recommendations indicate that\n     improvements are needed.\n\n     We conducted a survey of USCIS privacy culture and solicited opinions\n     on how its workforce could improve their understanding of privacy. 
See\n     Appendix F for survey methodology and results. Sixty-two percent\n     (2,179) of 3,497 written comments by survey respondents related to\n     improvements to privacy training and awareness.\n\n     Add Job-Specific, Advanced, or Specialized Privacy Training\n\n     OMB M-07-16 requires that privacy-related communications and\n     training be related more specifically to the jobs that employees\n     perform. In addition, OMB promotes advanced or specialized\n     training to improve employees\' understanding of their privacy\n     responsibilities in their daily work activities. However, USCIS\n     does not have standardized job-specific, advanced, or specialized\n     privacy training programs to meet the needs of employees.\n\n     Overall, survey respondents who provided written comments\n     related to improving job-specific, advanced, or specialized training\n     also offered suggestions on how USCIS could implement privacy\n     safeguards into their daily work. Most suggestions are related to\n     the following five categories: 1) developing more training that\n     incorporates privacy on-the-job, 2) integrating more real-world\n     examples where privacy safeguards could be applied,\n     3) embedding privacy into standard operating procedures,\n     4) holding more staff briefings on privacy, and 5) increasing\n     opportunities for peer discussions and supervisor mentoring on\n     privacy.\n\n     Managers recognize the importance of embedding privacy\n     safeguards in daily work, but they have not assessed their needs or\n     approaches for more job-specific privacy awareness, procedures, or\n     training with their employees. 
The Office of Privacy recognizes the\n     importance of having job-specific, advanced, and specialized\n     privacy training programs. However, it does not have sufficient\n     resources to identify the specific requirements and needs for\n     additional training related to the variety of job operations performed\n     by employees.\n\n     Implementing the recommendations of managers and employees\n     for job-specific or advanced privacy training can increase the\n     effectiveness of annual privacy training. Specifically, employees\n     will be able to apply broader privacy concepts to their specific\n     jobs. To improve privacy implementation, USCIS will need a\n     collaborative effort among operational managers, supervisors, and\n     program-level experts with assistance from the Office of Privacy to\n     identify requirements for job-specific privacy training. Without a\n     collaborative effort to leverage the limited time and resources of\n     each group in addressing similar needs, employees may interpret or\n     apply privacy protections inconsistently.\n\n     Increase Frequency and Vary Methods for Additional Privacy\n     Training\n\n     The DHS Privacy Office Guide to Implementing Privacy\n     recommends that components employ different methods to deliver\n     privacy training. Also, survey respondents recommended that\n     USCIS increase frequency and vary the methods of delivering\n     additional privacy training through the use of videos,\n     videoconferencing, teleconferencing, and simulations.\n\n     USCIS primarily deploys an online computer course for annual\n     privacy training because USCIS has a diverse workforce spread\n     across 250 offices around the world. 
Although the Office of Privacy\n     provides some instructor-led training for smaller groups at specific\n     locations, this office does not have adequate resources to expand\n     training or employ additional technology to improve the nature and\n     methods of training. However, we observed that some facilities had\n     the capability to use technological enhancements, such as\n     broadcasting in-person training using videoconferencing. Without\n     varying the approach, delivery, and frequency of privacy training,\n     USCIS will not be able to communicate important and timely\n     information to employees in a more meaningful format and\n     approach.\n\n     Increase Privacy Awareness Activities\n\n     OMB M-07-16 recommends that agencies augment privacy\n     training by using creative methods to promote daily awareness of\n     the employees\' privacy responsibilities. However, according to\n     managers and employees whom we interviewed, USCIS could\n     improve and increase privacy awareness. Survey respondents\n     suggested specific privacy awareness activities. Examples include\n     weekly privacy tips, privacy email reminders, flyers, banners,\n     wallet-sized cards, and posters.\n\n     Figure 7 illustrates posters that heighten the workforce\'s awareness\n     that records represent people\'s lives and contain personal and\n     confidential information. Similar posters can remind employees\n     about the importance of safeguarding privacy in their daily work.\n\n     Figure 7. Records Are People, People\'s Lives\n     Source: USCIS Records Division.\n\n     Require Privacy Training for Contractors\n\n     The DHS Privacy Office Handbook for Safeguarding Sensitive\n     Personally Identifiable Information and Privacy Incident Handling\n     Guidance establish privacy responsibilities for both DHS\n     employees and contractors. USCIS MD 140-001 also requires\n     employees and contractors to complete annual privacy training.\n\n     USCIS relies on contractors to assist with operations that require the\n     handling of PII, such as file room operations, data entry, and\n     information technology help desk. Although contractors comprise\n     about 40% of the USCIS workforce, existing contracts do not\n     contain requirements for contractor staff to complete annual privacy\n     training. According to USCIS, the intent of these contracts was to\n     maximize productivity. Therefore, they did not consider adding a\n     privacy training requirement to the contractors\' scope of work that\n     would allocate time for training in lieu of production work.\n\n     Presently, the Office of Privacy, the Office of Contracting, and the\n     General Counsel are planning to develop privacy training clauses\n     for use in contracts. Without these clauses, USCIS is unable to\n     require contractors to take privacy training. 
By not enforcing\n     privacy training for these contractors, USCIS is exposing the\n     public\'s PII to unnecessary risks.\n\nRecommendations\n     We recommend that the Chief Privacy Officer of USCIS:\n\n     Recommendation #5: Implement employee recommendations\n     into plans for privacy training and awareness.\n\n     We recommend that the Deputy Director of USCIS:\n\n     Recommendation #6: Establish a working group to develop a\n     standardized process to ensure that privacy training clauses are\n     inserted and enforced in contracts related to the handling or\n     maintenance of PII.\n\nManagement Comments and OIG Analysis\n     USCIS concurs with recommendation #5. USCIS has integrated\n     privacy awareness information in current computer security\n     training that emphasizes that all personnel must be able to identify\n     PII and know proper handling guidelines. In addition, USCIS\n     plans to deploy customized privacy training modules for all\n     employees and contractors about 1) privacy fundamentals for the\n     general workforce and 2) targeted training for PII handlers. Also,\n     USCIS scheduled a Privacy Awareness Week that included privacy\n     awareness-building activities, guest speakers, privacy training, and\n     the introduction of a series of one-minute training videos on\n     privacy issues. We consider recommendation #5 open, pending\n     our review of documentation from such efforts.\n\n     USCIS concurs with recommendation #6. Through an established\n     working group consisting of the Offices of Privacy, Chief Counsel,\n     and Contracting, USCIS has finalized clauses that mandate PII\n     training for contractors. In addition, USCIS has drafted statements\n     of work for privacy review and determination related to 85 existing\n     contracts and as part of a mandatory privacy review by its Privacy\n     Officer on all new acquisitions over $100,000. 
We consider\n     recommendation #6 open, pending our review of documentation of\n     such efforts.\n\nAppendix A\nPurpose, Scope, and Methodology\n\n     Our objectives were to determine whether plans and activities at\n     USCIS instill and promote a privacy culture and whether it complies\n     with federal privacy laws and regulations. As background for this\n     audit, we researched federal laws and guidance related to\n     responsibilities for privacy protections at USCIS. We reviewed\n     testimonies, documentation, and reports related to USCIS privacy,\n     information technology security, and program management.\n\n     We interviewed officials from the DHS Privacy Office, USCIS\n     Office of Privacy, Service Center Operations Directorate, Field\n     Operations Directorate, Refugee, Asylum, and International\n     Operations Directorate, Fraud Detection and National Security\n     Directorate, Customer Service Directorate, Enterprise Services\n     Directorate, Office of Transformation Coordination, and\n     Management Directorate. We interviewed more than 150 program\n     managers, information system, and facility security professionals\n     at headquarters and field sites regarding privacy activities. More\n     than 5,600 federal employees responded to our Privacy Culture\n     survey regarding their opinions on privacy stewardship and\n     knowledge of the Privacy Act of 1974, PII handling, and privacy\n     incident response. 
Of these respondents, 3,497 offered written\n     comments and suggestions on the status, issues, or challenges in\n     privacy stewardship. (See Appendix F.)\n\n     We reviewed work production plans, continuity of operations\n     plans, system security documentation, privacy impact assessments,\n     system of records notices, and program-level application of federal\n     privacy laws and guidance. We observed the processes and\n     inspected 22 facilities for the collection, handling, processing,\n     maintenance, and storage of PII. Facilities included the four\n     service centers, National Benefit Center, National Records Center,\n     Western Telephone Center, regional offices, field offices, asylum\n     offices, and application support centers.\n\n     We conducted this performance audit between June and December\n     2010 pursuant to the Inspector General Act of 1978, as amended,\n     and according to generally accepted government auditing\n     standards. Those standards require that we plan and perform the\n     audit to obtain sufficient, appropriate evidence to provide a\n     reasonable basis for our findings and conclusions based upon our\n     audit objectives. We believe that the evidence obtained provides a\n     reasonable basis for our findings and conclusions based on our\n     audit objectives.\n\n     The principal OIG points of contact for the audit are Frank Deffer,\n     Assistant Inspector General, Information Technology Audits, and\n     Marj Leaming, Director, System Privacy Division, at (202) 254-4100.\n     Major OIG contributors to the audit are identified in\n     Appendix G.\n\nAppendix B\nManagement Comments to the Draft Report\n\n     U.S. Department of Homeland Security\n     U.S. Citizenship and Immigration Services\n     Washington, DC 20529-2000\n\n     APR 29 2011\n\n     Memorandum\n     TO:           Frank Deffer\n                   Assistant Inspector General, Information Technology Audits\n\n     FROM:         Lauren Kielsmeier\n                   Acting Deputy Director, U.S. Citizenship and Immigration Services\n\n     SUBJECT:      USCIS Response to OIG Recommendations re USCIS Privacy Stewardship - For\n                   Official Use Only\n                   OIG Project No. 10-144-ITA-USCIS\n\n     USCIS appreciates the opportunity to review and comment on the subject report.\n\n     Recommendation #1: Identify vulnerabilities and ways to mitigate privacy risks to A-files\n     by conducting privacy impact assessments for high risk operations at service centers and\n     other field activities.\n\n     USCIS\'s Response: USCIS concurs with this recommendation. The report notes that during the\n     period of review (2008 and 2009) 31% of privacy incidents involved employees\' lack of control\n     over A-files as the files passed through subsequent operations or during transport. USCIS\'s\n     current operations require the creation and use of paper Alien Registration Files (referred to as\n     A-files) throughout the adjudication process. The files are manually transported to various\n     offices depending on the level and extent of adjudication required. The USCIS Office of Privacy\n     notes that the majority of the incidents cited in the report were the result of external errors\n     outside the control of USCIS employees (e.g., courier incidents). However, any privacy incident\n     is unacceptable and USCIS recognizes the need to implement processes and procedures to\n     minimize the possibility of such incidents occurring. The following paragraphs discuss the\n     actions taken to address this recommendation.\n\n     USCIS will establish a working group led by the Privacy Officer and consisting of\n     representatives from USCIS Programs and Directorates to review the handling and movement of\n     A-files across the agency. The working group will review all aspects of file processing at USCIS\n     to ensure full compliance with all pertinent regulations that address file management.\n     Additionally, the group will focus on Privacy Stewardship. 
The working group will identify and\n        implement improvements in business processes and oversee the refinement, creation and\n        dissemination (to include training) of implementing guidelines and directives to all USCIS\n        personnel.\n\n        At present, the Records Operations Handbook (ROH) describes Mail Room Operations at USCIS\n        (i.e., how files are received and moved at USCIS), in addition to the creation, storage, and\n        tracking of all files. The ROH is an enduring handbook that is regularly reviewed to ensure\n        accuracy and consistency with operational procedures. The ROH will be further reviewed and\n        amended to ensure it discusses policy and provides guidance consistent with the DHS Handbook\n        for Safeguarding Sensitive Personally Identifiable Information (PII).\n\n        In 2007, the USCIS Office of Security and Integrity (OSI), Internal Review Division developed\n        an internal review questionnaire to evaluate the Records Program at USCIS file control offices.\n        OSI works with the Records Division to ensure that the questionnaire is updated on a regular\n        basis to reflect current records policy. OSI will update the questionnaire to ensure that in the\n        future we evaluate compliance with privacy standards. 
This process will help USCIS determine\n        internal weaknesses and facilitate a process to mitigate those weaknesses via training and policy\n        changes.\n\n        As part of its Transformation Program, USCIS is further mitigating this risk by transitioning to\n        the Integrated Operating Environment (IOE). In the IOE, USCIS will not have to physically\n        transport the files between facilities, because the relevant files will be available through the\n        IOE\'s secure online environment. As the IOE is implemented, the number of files requiring\n        physical transport will gradually decrease, because new benefit seekers will only have online\n        files. USCIS employees (including those on telework) will simply log in to the IOE, rather than\n        carrying files to and from their homes.\n\n        USCIS believes an alternative approach to conducting privacy impact assessments should be\n        utilized in identifying and assessing high risk operations at service centers and other field\n        activities. USCIS recommends convening an internal working group with appropriate\n        cross-representation from agency operations as a more feasible approach. USCIS Executive\n        Leadership would establish the working group to identify potential weaknesses and establish a\n        plan of action and milestones for mitigating the findings. USCIS anticipates establishing a\n        working group within 90 days of this response. USCIS also plans to identify weaknesses and\n        potential mitigation to each weakness, 90 days from the findings.\n\n        Recommendation #2: Issue privacy rules of conduct for teleworkers, consistent with DHS\n        Privacy Office: Handbook for Safeguarding Sensitive Personally Identifiable Information.\n\n        USCIS\'s response: USCIS concurs with this recommendation. 
The OIG review identifies the\n        unique challenges to privacy stewardship with respect to Telework and focuses on USCIS\n        Service Centers; however, it should be noted at the time DHS (and USCIS) was established in\n        2003, telework was already in place as a pilot program at the USCIS Service Centers. The\n        removal of A-files to alternate worksites was an established work practice at USCIS Service\n        Centers. The USCIS Telework MD was actually finalized in January 2009 after USCIS\n        completed its negotiations with the American Federation of Government Employees (AFGE).\n        USCIS will insert the appropriate language in the Telework MD to ensure staff is aware of their\n        responsibility to properly secure and protect PII at all times. The Telework MD revision will\n        ensure USCIS\' Telework Program conforms to the "DHS Handbook for Safeguarding Sensitive\n        PII" and DHS Directive 4300A, "Sensitive Systems Policy." Once the revised MD is prepared,\n        USCIS will work with AFGE to obtain their agreement on the revisions. USCIS will also amend\n        its Telework Handbook to ensure consistency with USCIS MD and the DHS handbook. 
The\n        amendment to the Telework MD will be accomplished within 60 days after an agreement is\n        reached with the Bargaining Unit.\n\n        Once USCIS deploys the IOE, the need for telework personnel to transport files will gradually\n        diminish. The IOE\'s collaborative referral and case management capabilities will provide a\n        secure alternative to emailing PII.\n\n        Recommendation #3: Develop plans and milestones for mitigating the technical\n        weaknesses to PII systems regarding removable data devices, encryption and system\n        auditing and monitoring.\n\n        USCIS\'s response: USCIS concurs with this recommendation. The Office of Information\n        Technology (OIT) has initiated the deployment of Public Key Infrastructure (PKI) certificates\n        agency-wide. The Chief Information Security Officer (CISO) is overseeing the implementation\n        of the PKI and the goal is to have certificates issued to 40% of all USCIS employees by\n        September 2011 and the remaining 60% by September 2012. The PKI certificates integrate with\n        the agency\'s e-mail system so users can encrypt emails and attachments. In the interim, users are\n        instructed to password protect or encrypt attachments using WinZip. 
Instructions on the use of\n        WinZip are posted on the agency\'s intranet.\n\n        To ensure compliance with privacy standards when utilizing thumb drives, OIT is currently\n        working on the following activities:\n\n            \xe2\x80\xa2   Researching the capabilities of McAfee ePolicy Orchestrator and Windows 2007\n                software to disable the use of non-authorized USB devices on the network.\n            \xe2\x80\xa2   Working with the Office of Contracting to develop a process to prevent the purchase of\n                non-authorized thumb drives on Agency Purchasing Cards.\n            \xe2\x80\xa2   Working on the identification and removal of all thumb drives that do not have\n                encryption capability or do not comply with FIPS 140-2 encryption standards.\n            \xe2\x80\xa2   Working with the Office of Administration\'s Asset Management Branch to ensure all\n                government purchased thumb drives are imprinted with a unique identification number\n                and tracked in the Agency\'s Asset Management System.\n            \xe2\x80\xa2   Participating on the DHS Efficiency Review Board to finalize the DHS Statement of\n                Work (SOW) for the acquisition of Encrypted USB Devices.\n            \xe2\x80\xa2   Issuing a USCIS policy memorandum on the use of portable USB storage devices on the\n                network.\n\n        On January 25, 2011, the CISO issued written guidance on the use of portable storage devices.\n        The CISO\'s guidance provides information on properly transporting information in electronic\n        form and instructs personnel to adhere to DHS MD 11047, "Protection of Classified National\n        Security Information Transmission and Transportation," and DHS MD 11042.1, "Safeguarding\n        Sensitive But Unclassified (For Official Use Only) Information" when transporting sensitive\n        information in paper form.\n\n        OIT is currently working on the following activities concerning the auditing and monitoring of\n        USCIS information systems:\n\n            \xe2\x80\xa2   Drafting the USCIS Audit and Accountability MD; this policy will mandate the\n                configuration of all USCIS information systems to record all user actions within the\n                system. It will also require PII systems to connect to the enterprise audit log comparison\n                tool. The MD is scheduled to be released by September 30, 2011.\n            \xe2\x80\xa2   Implementing a network monitoring tool to integrate legacy information systems with the\n                enterprise audit log comparison tool.\n            \xe2\x80\xa2   Conducting performance testing on one of the case management systems to ensure the\n                use of the monitoring tools does not impede application performance.\n            \xe2\x80\xa2   Identifying available storage locations for case management system\'s audit logs.\n\n        Recommendation #4: Enforce the consistent implementation of physical security standards.\n\n        USCIS\'s response: USCIS concurs with this recommendation. USCIS employs physical\n        security standards across the enterprise; the most recent achievement was the implementation of\n        USCIS IHB 121-01-601, "Facility Security Standards (FSS)" in June 2010. 
Using the USCIS\n        Physical Security Inspection Workbook (based on standards outlined in the FSS), OSI is\n        assessing USCIS Headquarters (HQ) offices to determine if the building infrastructure and\n        security countermeasures adequately protect USCIS personnel, property, and assets. USCIS will\n        implement physical security countermeasures and policies based on each facility\'s unique\n        operating environment. OSI will begin assessing field offices and service centers during the\n        latter part of fiscal year 2011.\n\n        In addition to assessing security countermeasures at field offices and service centers, OSI created\n        the Electronic Security Systems (ESS) Nationwide Deployment Project in September 2010. ESS\n        is an element of OSI\'s Homeland Security Presidential Directive 12 (HSPD-12) implementation\n        plan and its primary focus is to update USCIS access control systems to meet Federal\n        Information Processing Standards (FIPS) 201 and HSPD-12 standards. The ESS Project is a\n        multiyear strategy that will integrate, standardize and upgrade or replace many USCIS access\n        control and CCTV systems nationwide.\n\n        It is important to note that USCIS primarily occupies multi-tenant facilities nationwide. In a\n        multi-tenant facility, a USCIS representative is a member of the Facility Security Committee\n        (FSC). Each FSC, which is made up of tenants in the facility, considers and makes decisions on\n        facility security matters to include physical entry control (into the facility - not into tenant\n        workspace), contract guard staffing, screening procedures, and other facility security measures.\n        Because USCIS resides in a variety of facilities (e.g., multi-tenant, high-rise or multi-story) with\n        varying Facility Security Levels (FSLs) physical security countermeasures and policies will vary\n        between facilities.\n\n        The subject report cites the inconsistent application of access control systems and other\n        supplementary security countermeasures that are used to mitigate potential threats to personnel in\n        areas where PII is being transported, handled, or stored. Specifically, the report expands on the\n        following:\n\n            \xe2\x80\xa2   Recording Length of Closed-Circuit Television Tapes\n            \xe2\x80\xa2   Adequate External Security Lighting\n            \xe2\x80\xa2   Adequate Application of Perimeter Barriers\n            \xe2\x80\xa2   Adjacent Surface Parking Distances\n            \xe2\x80\xa2   Existence of Contingency Plans\n\n        As mentioned, USCIS implements physical security countermeasures and policies based on each\n        facility\'s unique operating environment---each facility\'s unique situation dictates the feasibility\n        and availability of security countermeasures. 
For example, there are three major factors that play\n        a role in the application of perimeter barriers:\n\n           1) The availability of real estate to support the countermeasure. Fixed in-ground bollards\n              may not be installed in some areas because the ground is too fragile and unable to support\n              the weight of the materials.\n           2) Local city/municipality, county, or state planning commissions may not allow the Federal\n              government to place perimeter barriers around its facilities. Many local governments\n              explain that barriers are not aesthetically pleasing to the eye.\n           3) USCIS receives security risk assessments from the Federal Protective Service (FPS) that\n              identify potential threats to the facility and its personnel and assets. Barriers are not\n              installed if it is determined that the level of threat to the agency does not warrant the\n              installation of the countermeasure.\n\n        Essentially, the FSS provides a minimum level of protection in its application of perimeter\n        barriers at USCIS facilities; however, the level of protection can be customized once the risks\n        have been identified and all parties (with decision making authority) agree that the risk does or\n        does not warrant the countermeasure.\n\n        Lastly, another step toward standardization resides in the implementation of written policy and\n        procedures. OSI has a draft instructional handbook (IHB) that promotes consistent access\n        control policy and procedures at USCIS controlled space: USCIS IHB 121-01-632, USCIS\n        Headquarters Access Control. The USCIS HQ Access Control IHB will be disseminated to\n        stakeholders for review and comment with a tentative implementation date of 4th Quarter FY11.\n        Field offices will be advised to utilize the USCIS HQ Access Control IHB as a model/template to\n        implement consistent access control policy across the enterprise with the understanding that\n        some access control procedures/measures must be tailored specifically to their unique operating\n        environment. This draft IHB will bridge the gap in overarching access control policy and\n        procedures while awaiting DHS Department-wide access control policy.\n\n        Recommendation #5: Implement employee recommendations into plans for privacy\n        training and awareness.\n\n        USCIS\'s response: USCIS concurs with this recommendation. USCIS had previously taken\n        some steps to implement employee recommendations into instructor-led training. These\n        include: presenting real-world examples of common types of PII/data security breaches USCIS\n        experiences and how they were mitigated; clarifying USCIS policy on transmission of PII via\n        email (subsequently, as a result, the USCIS Privacy Officer issued additional guidance), and\n        increasing the variety of privacy training utilizing multiple forms of delivery including\n        computer-based, instructor-led (both in-person and via webinar), videos, and relying on the\n        USCIS Office of Privacy\'s intranet web page. 
USCIS will continue to implement employee\n        recommendations into privacy training and awareness activities.\n\n        In FY 2011 USCIS will deploy two new custom privacy awareness training modules which\n        integrate multiple-choice, true/false, case studies, and scenario-based questions, and utilize the\n        latest in training technology. All USCIS employees and contractors will be required to complete\n        the training annually. One training module is targeted to the general workforce and covers\n        privacy fundamentals, DHS/USCIS privacy policy, and other privacy requirements as mandated\n        by the Privacy Act. Consistent with OMB Memorandum 07-16, "Safeguarding Against and\n        Responding to a Breach of Personally Identifiable Information", the second training module is\n        targeted to USCIS system business owners, program and system managers, and others whose job\n        responsibilities require more frequent access or use of PII. USCIS will also develop a series of\n        short one-minute training videos on privacy issues. These training videos will enable USCIS to\n        increase the frequency of privacy training, implement more privacy awareness activities, and\n        develop technologically enhanced methods of training. These training videos can also be\n        designed to be job-specific as recommended. USCIS plans to launch these videos during Privacy\n        Awareness Week. Additionally, OIT includes privacy awareness information in their computer\n        security awareness training activities. OIT\'s training emphasizes the USCIS Rules of Behavior\n        which stipulate that all personnel must be able to identify PII and know the proper PII handling\n        guidelines in accordance with the Office of Privacy\'s policies and procedures.\n\n        While USCIS has made significant progress towards implementing employee recommendations\n        into privacy training and awareness - we plan to do more. 
Privacy Awareness Week is\n        scheduled the week of April 4, 2011 and will include a variety of guest speakers from the Federal\n        privacy arena, opening and closing remarks from the USCIS Director and DHS Chief Privacy\n        Officer, and two days of privacy training, along with awareness-building activities targeted to\n        USCIS employees and contractors.\n\n        Recommendation 6: Establish a working group to develop a standardized process to\n        ensure that privacy training clauses are inserted and enforced in contracts related to the\n        handling or maintenance of Personally Identifiable Information.\n\n        USCIS\'s response: USCIS concurs with this recommendation. 
USCIS established a working\n        group in November 2010 that consists of the Offices of Privacy, Chief Counsel and Contracting\n        to develop the required contract clauses and to assess current contracts for modification.\n\n        The working group has accomplished the following:\n\n            \xe2\x80\xa2   Finalized the necessary contract clauses that mandate PII training for contractor\n                personnel;\n            \xe2\x80\xa2   Provided the SOWs for all relevant active contracts to the USCIS Privacy Officer for\n                review and determination on whether PII training is required;\n            \xe2\x80\xa2   Identified a total of 85 contracts requiring modification based on the SOW review by the\n                USCIS Privacy Officer and determination that PII Training should be required;\n            \xe2\x80\xa2   Completed 75 contract modifications and a remaining 10 modifications are pending; and\n            \xe2\x80\xa2   Instituted a mandatory review by the USCIS Privacy Officer on all new acquisitions\n                >$100,000 to ensure future contracts fully comply with privacy standards and training\n                requirements.\n\n        USCIS is firmly committed to ensuring it fulfills its obligation to create and maintain a robust\n        privacy program. As noted in the subject report, USCIS established its privacy office and\n        designated a Privacy Officer in November 2007 to oversee and manage all aspects of the USCIS\n        privacy program. The USCIS privacy office is committed to working with all of the\n        organizations within USCIS to ensure we have a comprehensive privacy awareness program that\n        includes proper oversight, management and training to ensure full compliance with federal\n        policy and procedures.\n\nAppendix C\nLegislation, Memoranda, Directives, and Guidance Pertinent to the USCIS Privacy\nStewardship Audit\n\n                                                   LEGISLATION\n\nPrivacy Act of 1974, 5 U.S.C. \xc2\xa7 552a (2004). http://www.opm.gov/feddata/USC552a.txt\n\nE-Government Act of 2002, Public Law 107-347, 116 Stat. 2899 (2002).\nhttp://www.gpo.gov/fdsys/pkg/PLAW-107publ347/pdf/PLAW-107publ347.pdf\n\nFederal Information Security Management Act of 2002, 44 U.S.C. \xc2\xa7 3541, et seq. (2002).\nhttp://csrc.nist.gov/drivers/documents/FISMA-final.pdf\n\nImplementing Recommendations of the 9/11 Commission Act of 2007, Public Law 110-53, 121 Stat. 266, 360 (2007).\nhttp://www.nctc.gov/docs/ir-of-the-9-11-comm-act-of-2007.pdf\n\nImmigration and Nationality Act, Public Law No. 111-306, 8 U.S.C. 1101 (2010).\nhttp://www.uscis.gov/portal/site/uscis/menuitem.f6da51a2342135be7e9d7a10e0dc91a0/?vgnextoid=fa7e539dc4bed010VgnVCM1000000ecd190aRCRD&vgnextchannel=fa7e539dc4bed010VgnVCM1000000ecd190aRCRD&CH=act\n\n                                                OMB MEMORANDA\n\nOMB M-02-01: Guidance for Preparing and Submitting Security Plans of Action and Milestones (October 17, 2001).\nhttp://www.whitehouse.gov/omb/memoranda_m02-01\n\nOMB M-07-16: Safeguarding Against and Responding to the Breach of Personally Identifiable Information (May 22,\n2007). http://www.whitehouse.gov/omb/memoranda/fy2007/m07-16.pdf\n\nOMB M-10-15: FY 2010 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy\nManagement (April 21, 2010). http://www.whitehouse.gov/sites/default/files/omb/assets/memoranda_2010/m10-15.pdf\n\n                                           DIRECTIVES AND GUIDANCE\n\nDHS Memorandum: Designation of Component Privacy Officers (June 5, 2009). 
(No External Link Available)\n\nDHS Privacy Office: Policy Guidance Memorandum Number 2007-01; DHS Privacy Policy Regarding Collection, Use,\nRetention, and Dissemination of Information on Non-U.S. Persons (January 7, 2009).\nhttp://www.dhs.gov/xlibrary/assets/privacy/privacy_policyguide_2007-1.pdf\n\nDHS Privacy Office: Policy Guidance Memorandum Number 2008-02; DHS Privacy Policy Regarding Privacy Impact\nAssessments (December 30, 2008). http://www.dhs.gov/xlibrary/assets/privacy/privacy_policyguide_2008-02.pdf\n\nDHS Privacy Office: Handbook for Safeguarding Sensitive Personally Identifiable Information at the Department of\nHomeland Security (October 31, 2008). http://www.dhs.gov/xlibrary/assets/privacy/privacy_guide_spii_handbook.pdf\n\nDHS Privacy Office: Guide to Implementing Privacy (June 2010).\nhttp://www.dhs.gov/xlibrary/assets/privacy/privacy_implementation_guide_june2010.pdf\n\nDHS Privacy Office: Privacy Incident Handling Guidance (September 10, 2007).\nhttp://www.dhs.gov/xlibrary/assets/privacy/privacy_guide_pihg.pdf\n\nDHS Privacy Office: Privacy Technology Implementation Guide (August 16, 2007).\nhttp://www.dhs.gov/xlibrary/assets/privacy/privacy_guide_pihg.pdf\n\nDHS Privacy Office: Privacy Impact Assessments Official Guidance (May 2007).\nhttp://www.dhs.gov/xlibrary/assets/privacy/privacy_pia_guidance_may2007.pdf\n\nDHS Privacy Office: Privacy Act Statement Guidance (April 2008).\nhttp://dhsconnect.dhs.gov/uscis/org/PVY/Official%20Guidance/Privacy%20Act%20(E3)%20Statement%20Official%20Guidance.pdf\n\nDHS Privacy Office: System of Records Notices Official Guidance (April 2008).\nhttp://www.dhs.gov/xlibrary/assets/privacy/privacy_guidance_sorn.pdf\n\nDHS 4300A: Sensitive Systems Handbook Version 7.1 (August 9, 2010). (No External Link Available)\n\nNational Institute of Standards and Technology Special Publication 800-12: An Introduction to Computer Security:\nThe NIST Handbook (October 1995). http://csrc.nist.gov/publications/nistpubs/800-12/handbook.pdf\n\nNational Institute of Standards and Technology Special Publication 800-21: 2nd Edition: Guideline for Implementing\nCryptography in the Federal Government (December 2005).\nhttp://csrc.nist.gov/publications/nistpubs/800-21-1/sp800-21-1_Dec2005.pdf\n\nNational Institute of Standards and Technology Special Publication 800-32: Introduction to Public Key Technology\nand the Federal PKI Infrastructure (February 26, 2001). http://csrc.nist.gov/publications/nistpubs/800-32/sp800-32.pdf\n\nNational Institute of Standards and Technology Special Publication 800-122: Guide to Protecting the Confidentiality\nof Personally Identifiable Information (April 2010). http://csrc.nist.gov/publications/nistpubs/800-122/sp800-122.pdf\n\nUSCIS Management Directive 140-001: Handling Sensitive and Non-Sensitive Personally Identifiable Information\n(September 7, 2010). (No External Link Available)\n\nAppendix D\nComponent Level Privacy Office Designation and Duties\n\n                      COMPONENTS TO DESIGNATE PRIVACY OFFICERS\n\n            \xe2\x80\xa2    U.S. 
Citizenship and Immigration Services\n            \xe2\x80\xa2    Federal Emergency Management Agency\n            \xe2\x80\xa2    National Protection and Programs Directorate\n            \xe2\x80\xa2    Office of Intelligence and Analysis\n            \xe2\x80\xa2    Science and Technology Directorate\n            \xe2\x80\xa2    Transportation Security Administration\n            \xe2\x80\xa2    United States Coast Guard\n            \xe2\x80\xa2    U.S. Immigration and Customs Enforcement\n            \xe2\x80\xa2    U.S. Customs and Border Protection\n            \xe2\x80\xa2    United States Secret Service\n\n                             COMPONENT PRIVACY OFFICER DUTIES\n\n        Communicate the component privacy initiatives, both internally and externally.\n\n        Monitor component\'s compliance with all federal privacy laws and regulations;\n        implement corrective, remedial, and preventative actions; and notify the DHS\n        Privacy Office of privacy issues or noncompliance when necessary.\n\n        Implement and monitor privacy training for employees and contractors.\n\n        Assist in drafting and reviewing Privacy Threshold Assessments (PTAs), Privacy\n        Impact Assessments (PIAs), and Systems of Records Notices (SORNs), as well\n        as any associated privacy compliance documentation.\n\n        Serve as the point of contact to handle privacy incident response responsibilities\n        as defined in the Privacy Incident Handling Guidance.\n\n        Provide privacy information to the DHS Privacy Office for the quarterly Federal\n        Information Security Management Act reporting, Section 803 of the Implementing\n        Recommendations of the 9/11 Commission Act reporting, the DHS Privacy Office\n        Annual Report, and other reporting requirements, as needed.\nSource: DHS Memorandum, Designation of Component Privacy Officers, June 5, 2009.\n\nAppendix E\nUSCIS Systems: Privacy Impact Assessments and System of Records Notices\n\n            NAME AND PII COLLECTED                         PRIVACY IMPACT ASSESSMENT                SYSTEM OF RECORDS NOTICE\nImmigration Benefits Background Check                  Immigration Benefits Background           DHS/USCIS-001 - Alien File (A-File)\nSystems (IBBCS) collects biometric information         Check Systems (IBBCS),                    and Central Index System (CIS),\nfrom petitioners who seek certain immigration          November 5, 2010                          October 31, 2008, 72 FR 1755\nbenefits. Applicants provide biometric information for                                           DHS/USCIS-002 - Background Check\nthe FBI Fingerprint Check and the Automated                                                      Service, June 5, 2007, 72 FR 31082\nBiometric Identification System Fingerprint Check.                                               DHS/USCIS-003 - Biometric Storage\n                                                                                                 System, April 6, 2007, 72 FR 1717\nNational File Tracking System (NFTS) collects and National File Tracking System (NFTS),          DHS/USCIS-001 - Alien File (A-File)\nmaintains PII pertaining to the applicant, system October 5, 2010                                and Central Index System (CIS),\nuser, and immigration file.                                                                      
January 16, 2007, 72 FR 1755\nCitizenship and Immigration Data Repository              Citizenship and Immigration Data     DHS/USCIS-012 - Citizenship and\n(CIDR) collects PII directly from and about              Repository (CIDR), September 8, 2010 Immigration Data Repository (CIDR),\nimmigrants and nonimmigrants through applications                                             September 8, 2010, 75 FR 5464\nand petitions for the purposes of adjudicating and\nproviding immigration benefits.\nE-Verify Program: Use of Commercial Data for         E-Verify Program: Use of Commercial         DHS/USCIS-011 - E-Verify Program,\nEmployer Verification collects business information Data for Employer Verification,              May 19, 2010, 75 FR 28035\nfrom employers and a commercial data provider, Dun June 2, 2010\nand Bradstreet, to verify that registering companies\nare genuine businesses.\nCustomer Identity Verification (CIV) System              Customer Identity Verification (CIV)    DHS/USCIS-001 - Alien File (A-File)\nUpdate collects and uses PII when an applicant           System Update, April 26, 2010           and Central Index System (CIS),\nappears before USCIS in person at the time of an                                                 January 16, 2007, 72 FR 1755\ninterview so that USCIS can verify that the individual                                           DHS/USVISIT-0012 - DHS Automated\nbeing interviewed is the same person for whom it                                                 Biometric Identification System\nconducted a background check.                                                                    
(IDENT), June 5, 2007, 72 FR 31080\nEligibility Risk and Fraud Assessment Testing            Eligibility Risk and Fraud Assessment   DHS/USCIS-001 - Alien File (A-File)\nEnvironment (EFRA) uses synthetic data from              Testing Environment (EFRA),             and Central Index System (CIS),\ndifferent datasets in Treasury Enforcement               April 9, 2010                           January 16, 2007, 72 FR 1755\nCommunications System.                                                                           DHS/USCIS-007 - Benefits Information\n                                                                                                 System, September 29, 2008, 73 FR\n                                                                                                 56596\n                                                                                                 DHS/USCIS-010 - Asylum Information\n                                                                                                 and Pre-Screening, January 5, 2010,\n                                                                                                 75 FR 409\nBackground Vetting Service (BVS) facilitates          Background Vetting Service (BVS),          DHS/USCIS-005 - Inter-Country\nfingerprint checks of U.S. citizens, whose principal  March 22, 2010                             Adoptions Security, June 5, 2007, 72\nresidence is overseas, and who is filing family-based                                            FR 31086\nimmigration petitions at Department of State                                                     DHS/USCIS-007 - Benefits Information\nOverseas Posts.                                                                                  
System, September 29, 2008, 73 FR\n                                                                                                 56596\nRefugees, Asylum, and Parole System and the              Refugees, Asylum, and Parole System DHS/USCIS-010 - Asylum Information\nAsylum Pre-Screening System collects PII from            and the Asylum Pre-Screening System, and Pre-Screening, January 5, 2010,\nasylum applicants and applicants for benefits            November 24, 2009                    75 FR 409\nprovided by Section 203 of the Nicaraguan\nAdjustment and Central American Relief Act\n(NACARA \xc2\xa7 203).\nTravel and Employment Authorization Listings             Travel and Employment Authorization     DHS/USCIS-007 - Benefits Information\n(TEAL) collects applicant\xe2\x80\x99s PII for determining          Listings (TEAL), November 3, 2009       System, September 29, 2008, 73 FR\nbenefit eligibility.                                                                             56596\nUSCIS Customer Relationship Interface System       USCIS Customer Relationship                   DHS/USCIS-007 - Benefits Information\n(CRIS) Update receives PII from customers over the Interface System (CRIS) Update,               System, September 29, 2008, 73 FR\ninternet or over the phone.                        September 22, 2009                            56596\n\n\n\n\n                                      U.S. 
Citizenship and Immigration Services Privacy Stewardship \n\n\n                                                                  Page 34\n \n\n\x0c             Appendix E\n             USCIS Systems: Privacy Impact Assessments and System of Records Notices\n\n           NAME AND PII COLLECTED                         PRIVACY IMPACT ASSESSMENT                SYSTEM OF RECORDS NOTICE\nReengineered Naturalization Casework System             Reengineered Naturalization Casework DHS/USCIS-007 - Benefits Information\n(RNACS) collects applicant\xe2\x80\x99s PII at a USCIS             System (RNACS), August 24, 2009      System, September 29, 2008, 73 FR\nApplication Support Center (ASC) to conduct                                                  565966596\nbackground checks.\nElectronic Filing System (e-Filing) collects PII from Electronic Filing System (e-Filing),      DHS/USCIS-007 - Benefits Information\napplicants based on the specific form(s) selected     August 24, 2009                           System, September 29, 2008, 73 FR\nfrom a menu of available applications.                                                          56596\nEnterprise Citizenship and Immigrations Services        Enterprise Citizenship and              DHS/USCIS-001 - Alien File (A-File)\nCentralized Operational Repository (eCISCOR)            Immigrations Services Centralized       and Central Index System (CIS),\nreplicates the PII to consolidate the data and          Operational Repository (eCISCOR),       January 16, 2007, 72 FR 1755\nstreamline the process for reporting and information    August 24, 2009                         DHS/USCIS-007 - Benefits Information\nsharing initiatives.                                                                            
System, September 29, 2008, 73 FR\n                                                                                                56596\nCompliance Tracking and Management System             Compliance Tracking and Management DHS/USCIS-009 - Compliance\n(CTMS) contains PII on four categories of individuals System (CTMS), May 22, 2009        Tracking and Monitoring System, May\n(any of whom may be either U.S. citizens or non-U.S.                                     22, 2009, 74 FR 24022\ncitizens): Verification Subjects, E-Verify or\nSystematic Alien Verification for Entitlements\nProgram Users, Complainants, and DHS Employees.\nCorrespondence Handling and Management                  Correspondence Handling and             DHS/USCIS-007 - Benefits Information\nPlanning System (CHAMPS) collects and uses PII          Management Planning System              System, September 29, 2008, 73 FR\nto process N-400, N-600, and N-565 applications.        (CHAMPS), January 13, 2008              56596\nChanges to Requirements Affecting H-2A                  Changes to Requirements Affecting       DHS/USCIS-007 - Benefits Information\nNonimmigrants and Changes to Requirements               H-2A Nonimmigrants and Changes to       System, September 29, 2008, 73 FR\nAffecting H-2B Nonimmigrants and Employers              Requirements Affecting H-2B             56596\nFinal Rules collects PII from employers who may         Nonimmigrants and Employers Final\ncollect information from the nonimmigrant workers       Rules, December 18, 2008\nregarding H-2A and H-2B petitions.\nScheduling and Notification of Applicants for      Scheduling and Notification of               DHS/USCIS-007 - Benefits Information\nProcessing (SNAP) collects and stores PII provided Applicants for Processing (SNAP),            System, September 29, 2008, 73 FR\nat the time the USCIS Service Center/National      December 15, 2008                            56596\nBenefits Center schedules the 
appointment.\nVerification Information System Update collects         Verification Information System         DHS/USCIS-004 - Verification\nand verifies U.S. Passport and Passport Card data,      Update, November 20, 2008               Information System, December 11,\nwhich when required for secondary verification                                                  2008, 73 FR 75445\npurposes may include photographs from employees\nwho present a U.S. Passport or Passport Card as a\nForm I-9 List A document to an E-Verify participating\nemployer.\nUSCIS Person Centric Query Service Supporting           USCIS Person Centric Query Service      DHS/USCIS-003 - Biometric Storage\nVisa Benefit Adjudicators, Visa Fraud Officers,         Supporting Visa Benefit Adjudicators,   System, April 6, 2007, 72 FR 17172\nand Consular Officers of the Department of State,       Visa Fraud Officers, and Consular       DHS/USCIS-007 - Benefits Information\nBureau of Consular Affairs allows users to submit       Officers of the Department of State,    System, September 29, 2008, 73 FR\na single query for all transactions involving an        Bureau of Consular Affairs,             56596\nimmigrant across a number of systems, and returns       November 5, 2008                        DHS/USCIS-001 - Alien File (A-File)\na consolidated and correlated view of the immigrant\xe2\x80\x99s                                           and Central Index System (CIS),\npast interactions with the government as he or she                                              January 16, 2007, 72 FR 1755\npassed through the U.S. immigration system.\nAlien Change of Address Card (AR-11) contains           Alien Change of Address Card            DHS/USCIS-007 - Benefits Information\nPII submitted by customers whose addresses have         (AR-11), October 21, 2008               System, September 29, 2008, 73 FR\nchanged during their stay in the United States.                                                 
56596\nDHS/UKvisas Project collects biometrics from           DHS/UKvisas Project,                     No System of Records listed.\napplicants at the time of biometric capture at an ASC. November 14, 2007\n\n\n\n\n                                     U.S. Citizenship and Immigration Services Privacy Stewardship \n\n\n                                                                 Page 35\n \n\n\x0c              Appendix E\n              USCIS Systems: Privacy Impact Assessments and System of Records Notices\n\n            NAME AND PII COLLECTED                         PRIVACY IMPACT ASSESSMENT                SYSTEM OF RECORDS NOTICE\nUSCIS Microfilm Digitization Application System USCIS Microfilm Digitization                     DHS/USCIS-001 - Alien File (A-File)\n(MiDAS) contains approximately 85 million historic    Application System (MiDAS),                and Central Index System (CIS),\ndigitally indexed immigration-related records that    September 15, 2008                         January 16, 2007, 72 FR 1755\nwere previously stored on microfilm. The objective of\nMiDAS is to enable USCIS personnel to search,\nretrieve, and deliver PII about individuals contained\nin USCIS records based on requests received from\ncustomers, such as federal, state, and local\ngovernment agencies and the public.\nUSCIS Benefits Processing of Applicants other            USCIS Benefits Processing of            DHS/USCIS-007 - Benefits Information\nthan Petitions for Naturalization, Refugee Status,       Applicants other than Petitions for     System, September 29, 2008, 73 FR\nand Asylum (CLAIMS 3) contains data entered from         Naturalization, Refugee Status, and     56596\nall CIS customer immigration application forms and       Asylum (CLAIMS 3),\npetitions except naturalization, refugees and asylum.    
September 5, 2008\nUSCIS Computer Linked Application Information            USCIS Computer Linked Application       DHS/USCIS-007 - Benefits Information\nManagement System (CLAIMS 4) contains data               Information Management System           System, September 29, 2008, 73 FR\nentered from the N-400, Application for                  (CLAIMS 4), September 5, 2008           56596\nNaturalization, as well as data generated by DHS or\nthe FBI.\nUSCIS Fraud Detection and National Security              USCIS Fraud Detection and National      DHS/USCIS-006 - Fraud Detection and\nData System (FDNS-DS) contains PII collected             Security Data System (FDNS-DS),         National Security Data System (FDNS\xc2\xad\nthroughout the following processes: administrative       July 29, 2008                           DS), August 18, 2008, 73 FR 48231\ninvestigations, fraud investigations, adjudication\nprocesses, and benefit fraud assessments.\nUSCIS Secure Information Management Service              USCIS Secure Information                DHS/USCIS-005 - Inter-Country\n(SIMS) Pilot with Inter-Country Adoptions Update         Management Service (SIMS) Pilot with    Adoptions Security, June 5, 2007,\ncollects and shares PII regarding adoptions with         Inter-Country Adoptions Update,         72 FR 31086\nDepartment of State.                                     August 13, 2008\nUSCIS Central Index System (CIS) collects PII            USCIS Central Index System (CIS),       DHS/USCIS-001 - Alien File (A-File)\ndirectly from the individual requesting benefits under   June 22, 2007                           and Central Index System (CIS),\nthe Immigration and Nationality Act.                                                             
January 16, 2007, 72 FR 1755\nUSCIS Enterprise Service Bus (ESB) collects           USCIS Enterprise Service Bus (ESB),        DHS/ALL-004 - General Information\noperational data used for authentication,             June 22, 2007                              Technology Access Account Records\nauthorization, and determination of permissions for a                                            System (GITAARS), September 29,\nuser or system connecting to a deployed service.                                                 2009, 74 FR 49882\nUSCIS Biometric Storage System (BSS) collects        USCIS Biometric Storage System              DHS/USCIS-003 - Biometric Storage\nbiometric and associated biographic data provided at (BSS), March 28, 2007                       System, April 6, 2007, 72 FR 17172\nthe time of biometric capture at an ASC.\nUSCIS Naturalization Redesign Test Pilot (NRTP)          USCIS Naturalization Redesign Test      DHS/USCIS-001 - Alien File (A-File)\ncollects PII from all people interviewed for             Pilot (NRTP), January 12, 2007          and Central Index System (CIS),\nnaturalization at 10 USCIS district offices with                                                 January 16, 2007, 72 FR 1755\nappointments from approximately February 15, 2007                                                DHS/USCIS-007 - Benefits Information\nthrough May 15, 2007.                                                                            
System, September 29, 2008, 73 FR\n                                                                                                 56596\nMigrant Information Tracking System (MITS)               Migrant Information Tracking System     No System of Records listed.\ncollects biographic information from the migrant, to     (MITS), February 3, 2011\ninclude name, date of birth, address, gender, marital\nstatus, race, and occupation.\nIntegrated Digitization Document Management             Integrated Digitization Document         DHS/USCIS-001 - Alien File (A-File)\nProgram (IDDMP) does not collect new data directly Management Program (IDDMP),                   and Central Index System (CIS),\nfrom individuals; rather IDDMP digitizes the hardcopy January 5, 2007                            January 16, 2007, 72 FR 1755\nA-File data collected originally from or on individuals\ncovered by provisions of the Immigration and\nNationality Act.\n\n\n\n                                      U.S. Citizenship and Immigration Services Privacy Stewardship \n\n\n                                                                  Page 36\n \n\n\x0c              Appendix E\n              USCIS Systems: Privacy Impact Assessments and System of Records Notices\n\n            NAME AND PII COLLECTED                           PRIVACY IMPACT ASSESSMENT                SYSTEM OF RECORDS NOTICE\nH-1B Visa Cap Registration requires the following          H-1B Visa Cap Registration,             No System of Records listed.\nPII from petitioners and beneficiaries: name,              January 28, 2011\nemployer identification number, contact information,\ndate of birth, country of birth, country of citizenship,\ngender, passport number, and any additional\ninformation requested by the registration or USCIS.\nE-Verify Self Check collects the individual\xe2\x80\x99s name,      E-Verify Self Check, March 4, 2011 DHS/USCIS-013 - E-Verify Self Check,\naddress of residence, date of birth, and optionally,     
                                   February 16, 2011, 76 FR 9034\nthe individual\xe2\x80\x99s Social Security number. Based on\ncitizenship status and the document chosen to\npresent for work authorization, the system collects\nadditional information that can include: citizenship\nstatus, Alien Number (if noncitizen), passport\nnumber, Form I-94 number, lawful permanent\nresident card, or work authorization document\nnumber.\n               Source: The DHS Privacy Office has USCIS Privacy Impact Assessments and System of Records Notices at\n               http://www.dhs.gov/files/publications/gc_1279308495679.shtm#content (accessed May 6, 2011).\n\n\n\n\n                                        U.S. Citizenship and Immigration Services Privacy Stewardship \n\n\n                                                                   Page 37 \n\n\x0cAppendix F\nOIG Privacy Culture Survey\n\nOIG developed a privacy survey with involvement of the USCIS Office of Privacy. The\npurposes of the survey were to assess the level of workforce understanding of privacy and\nto obtain recommendations for improvements, based on the criteria in Appendix C.\n\nIn July 2010, OIG emailed a link to the USCIS workforce to complete the online privacy\nsurvey on a secure site. Survey participation was voluntary, confidential, and accessible\nonly by OIG. The results of the survey were useful because they provided insights into\nareas in which improvements are needed. 
The following chart shows the levels of job
responsibility, location, and length of service for respondents who either completed the
survey or provided selected responses.

                     DEMOGRAPHICS OF PARTICIPANTS

    Level of Job Responsibility
        Entry-level employees (14.4%)
        Mid to high-level (non-manager) employees (66.2%)
        Supervisors/managers (19.4%)

    Location
        Headquarters (17.8%)
        Field - Northeast (23.1%)
        Field - Southeast (9.4%)
        Field - Central (27.3%)
        Field - West (22.4%)

    Length of Service
        Less than 3 months (1.5%)
        3–12 months (4.8%)
        1–3 years (25.3%)
        More than 3 years (68.4%)

Source: OIG Privacy Culture Survey

Of the total 6,915 respondents, 81% (5,602) completed the survey and 19% (1,313)
provided selected responses. The completed survey response rate of federal employees was
54% (5,602 of 10,367).
We received 3,497 written comments by survey respondents,
2,179 of whom (62%) recommended improvements to privacy training and awareness and
1,318 of whom (38%) commented on the lack of privacy protections in their daily work.

Respondents recommended the following improvements to privacy training and
awareness: 1) increase the frequency of privacy training (382 or 17%), 2) embed privacy
into standard operating procedures (340 or 16%), 3) implement more privacy awareness
activities (269 or 12%), 4) develop more training that incorporates privacy on-the-job
(268 or 12%), 5) develop technologically enhanced methods of training (257 or 12%), 6)
provide more in-person or live instructor-based training (209 or 10%), 7) integrate more
real-world examples in training (201 or 9%), 8) provide more staff briefings on privacy
(130 or 6%), and 9) increase opportunities for peer discussion and supervisory mentoring
on privacy (123 or 6%). The following chart shows the improvements that survey
respondents recommended.

[Pie chart: improvements to privacy training and awareness recommended by survey
respondents, with the same nine categories, counts, and percentages listed above.]

Source: OIG Privacy Culture Survey, written comments, N = 3,497.

Appendix G
Major Contributors to this Report

                    System Privacy Division

                    Marj P. Leaming, Director
                    Eun Suk Lee, Lead Privacy Auditor
                    Pamela J. Chambliss-Williams, Senior Program Analyst
                    Hung Huynh, Privacy Specialist
                    Kevin Mullinix, Management and Program Assistant
                    Steven Tseng, Management and Program Assistant

                    Craig Adelman, Referencer

Appendix H
Report Distribution

                      Department of Homeland Security

                      Secretary
                      Deputy Secretary
                      Chief of Staff
                      Deputy Chief of Staff
                      General Counsel
                      Executive Secretariat
                      Director, GAO/OIG Liaison Office
                      Assistant Secretary for Office of Policy
                      Assistant Secretary for Office of Public Affairs
                      Assistant Secretary for Office of Legislative Affairs
                      Director of USCIS
                      DHS Privacy Office
                      USCIS Audit Liaison Office
                      USCIS Office of Privacy

                      Office of Management and Budget

                      Chief, Homeland Security Branch
                      DHS OIG Budget Examiner

                      Congress

                      Congressional Oversight and Appropriations Committees, as
                      appropriate

ADDITIONAL INFORMATION AND COPIES

To obtain additional copies of this report, please call the Office of Inspector General (OIG) at (202) 254-4100,
fax your request to (202) 254-4305, or visit the OIG web site at www.dhs.gov/oig.

OIG HOTLINE

To report alleged fraud, waste, abuse or mismanagement, or any other kind of criminal or noncriminal
misconduct relative to department programs or operations:

• Call our Hotline at 1-800-323-8603;

• Fax the complaint directly to us at (202) 254-4292;

• Email us at DHSOIGHOTLINE@dhs.gov; or

• Write to us at:
       DHS Office of Inspector General/MAIL STOP 2600,
       Attention: Office of Investigations - Hotline,
       245 Murray Drive, SW, Building 410,
       Washington, DC 20528.

The OIG seeks to protect the identity of each writer and caller.
'